OPNsense Forum

English Forums => Zenarmor (Sensei) => Topic started by: flushell on January 08, 2021, 12:12:29 pm

Title: Errors Out on VLANs in non-Passive mode
Post by: flushell on January 08, 2021, 12:12:29 pm

I noticed Interface Out errors (Atachment) on my VLANS when they where very active dowloading. Tracked it down to Sensei. The errors only occur in non-Passive mode (both L3 native and generic). So, the errors stop occuring in Passive mode.

I have two VLANS and the errors do not occur on the parent LAN. Only the Parrent LAN is selected in Protected Interfaces. Everything is still in default mode (I'm testing this out), I have nothing blocked.

I tried to Enable and Disable VLAN Hardening in Interface settings, that did not help. Hardware CRC, TSO en LRO are disabled.

Opnsense is running in a qemu VM in Proxmox on a Dell Poweredge T330. The VM has two network cards assigned that are Linux Bridges of the original network cards, which are Broadcom Gigabit Ethernet BCM 5720.

Any ideas why the errors are occuring?

Title: Re: Errors Out on VLANs in non-Passive mode
Post by: sy on January 08, 2021, 04:02:22 pm

Hi,

Your interface is vtnet? if yes, have you ever tried with em?

Title: Re: Errors Out on VLANs in non-Passive mode
Post by: flushell on January 08, 2021, 09:16:34 pm

Quote from: sy on January 08, 2021, 04:02:22 pm

Hi,

Your interface is vtnet? if yes, have you ever tried with em?

Yes interface is vtnet (LAN and WAN)
I have mutiple interfaces as shown in the attachment.
The VLANS (The ones beginning with VL_) give Out Errors. The LAN Interface gives NO errors.
The LAN is the Parent of those VLANS.

Title: Re: Errors Out on VLANs in non-Passive mode
Post by: flushell on January 15, 2021, 03:37:56 pm

Quote from: sy on January 08, 2021, 04:02:22 pm

Hi,

Your interface is vtnet? if yes, have you ever tried with em?

What do you mean?

Title: Re: Errors Out on VLANs in non-Passive mode
Post by: Gcon on July 16, 2021, 06:06:39 pm

He means have you tried to emulate a different ethernet NIC type.

Anyway how did you go with this? I am seeing "errors out" on a VLAN interface on a virtualised firewall. Wondering if you found a solution? I noticed that the original post was prior to the release of 21.1 which contained a fix of "Fix stability and reliability issues with regard to vmx(4), vtnet(4), ixl(4), ix(4) and em(4) ethernet drivers."

Did you upgrade to 21.1, and did that fix your issue?

Title: Re: Errors Out on VLANs in non-Passive mode
Post by: firewalled101 on February 04, 2023, 01:05:35 am

Good luck finding a solution. I have the same exact issue. I tried baremetal install and virtual on proxmox. Same result.

Title: Re: Errors Out on VLANs in non-Passive mode
Post by: sy on February 10, 2023, 10:50:49 am

Hi,

Please can you try the new patched kernel? There is an issue with VLANs with netmap.

https://forum.opnsense.org/index.php?topic=32114.0

Title: Re: Errors Out on VLANs in non-Passive mode
Post by: franco on February 10, 2023, 11:53:35 am

> Any ideas why the errors are occuring?

Drops due to missing free mbufs. Does it have any operational impact?

The test kernel makes this slightly better but drops will always occur in emulated mode as it has no fixed guarantees.


Cheers,
Franco